<?php

class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {

    private $_acl = null;
    private $_auth = null;

    public function __construct (Zend_Acl $acl, Zend_Auth $auth) {
	$this->_acl = $acl;
	$this->_auth = $auth;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $oRequest) {
		$sModuleName = $oRequest->getModuleName();
		$sController = $oRequest->getControllerName();
		$sAction = $oRequest->getActionName();

		if (!is_null($sController) && stristr($sController, 'xhr_')) {
			$sController = str_replace('xhr_', '', $sController);

		}

		if ($this->_auth->hasIdentity()) {

			$identity = $this->_auth->getStorage();
			$read = $identity->read($identity);
			$iRole = $read->id_system_role;

			if ($iRole == 1) {
				$sRole = 'admin';

			}
			elseif ($iRole == 3) {
				$sRole = 'seller';
			}

		}
		else { //if no identity found
			$sRole = 'guest';
		}

		if(!$this->_acl->isAllowed($sRole, $sModuleName. ':' .$sController, $sAction)) {
//			die('not allowed');
			echo 'not allowed';
			$oRequest->setModuleName('default')
				     ->setControllerName('index')
				     ->setActionName('index');
		}
    }
}


